[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Should I install chkrootkit?



Charles Kroeger <ckrogrr@frankensteinface.com> writes:

> On Wed, 04 Jun 2014 14:30:02 +0200
> David Guyot <david.guyot@europecamions-interactive.com> wrote:
>
>> Anyone saying that Debian and its software are flawless lies or
>> doesn't know what's he is talking about.
>
> How true. And by the way, I have had chkrootkit installed for a long time and the
> other day I ran it after an upgrade and voilà:
>
> Searching for Suckit rootkit...       Warning: /sbin/init       INFECTED
>
> as a Sysadmin what do you suggest I can do to rid myself if this? Looking
> into /sbin/init only shows a lot of stuff that looks like modern art.
>
> I await your help, RSVP
>
> -- 
> CK

Do you have systemd-sysv installed ? When that package is installed
/sbin/init is a symlink to systemd and I have heard that chkrootkit
gives false positives for the suckit rootkit with that.

You could double-check with rkhunter.


Reply to: